| Subject | Re: [Firebird-Architect] Encryption for embedded server |
|---|---|
| Author | unordained |
| Post date | 2004-09-28T19:07:05Z |
A few filesystems support on-disk (transparent) encryption, yes? Would those not suit your needs as
a more general-purpose solution (and less time-consuming)? Firebird-embedded still has a chance of
writing to temp files for sorting for very large sorts / small memory, correct? Those would
probably also need to be encrypted ... in-memory cache would be unencrypted, so that could also be
attacked (plenty of hacking tools to do that.) Encryption is fine, but what vectors of attack are
you worried about? Reading, writing, improperly cleaned hard drives, ... ?
-Philip
---------- Original Message -----------
From: Jonathan Neve <jonathan@...>
a more general-purpose solution (and less time-consuming)? Firebird-embedded still has a chance of
writing to temp files for sorting for very large sorts / small memory, correct? Those would
probably also need to be encrypted ... in-memory cache would be unencrypted, so that could also be
attacked (plenty of hacking tools to do that.) Encryption is fine, but what vectors of attack are
you worried about? Reading, writing, improperly cleaned hard drives, ... ?
-Philip
---------- Original Message -----------
From: Jonathan Neve <jonathan@...>
> Hi!------- End of Original Message -------
>
> I think it could be useful to be able to use a database in an encrypted
> form when using the embedded server. This means that the application
> that's accessing the DB would have to provide the key in the DB
> connection parameters, and all the data would encrypted/decrypted when
> storing into/retrieving from the DB. Compression also could be added, by
> the same token. What do you think?
>
> Regards,
> Jonathan Neve.